2 matches found
CVE-2023-6956
The EasyAzon – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘easyazon-cloaking-locale’ parameter in all versions up to, and including, 5.1.0 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress EasyAzon Plugin <= 5.1.0 is vulnerable to Cross Site Scripting (XSS)
Software EasyAzon Type Plugin Vulnerable versions = 5.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6956 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b7bfe0fc0099 Credits Krzysztof Zając Required...